Group Data Protection Officer

Leal Group is actually looking for a Group Data Protection Officer.

DESCRIPTION

The successful incumbent will manage the Group’s organizational data protection and oversee the Group’s compliance with any data protection laws/regulations applicable to the Group’s context

RESPONSIBILITIES

• Master data protection laws and regulations and their applicability to the Group
• Inform and advise data protection laws/regulations and Group policies
• Act as a single point of contact between the Group and any relevant regulatory authority
• Take ownership, develop and execute ant relevant compliance and data protection projects
• Design, set-up, implement, monitor and maintain all personal and company data protection policies, processes, procedures
• Oversee the maintenance of records required to demonstrate data protection compliance
• Ensure IT systems have appropriate safeguards with respect to data protection
• Set-up and maintain the Group’s contracts with data processors
• Conduct regular audits to ensure compliance and address potential risks
• Manage and coordinate all data breach notification procedures and responses
• Communicate with data subjects to address their requests and concerns
• Report to management on progress on data protection initiatives
• Manage a program of awareness and training to deliver compliance and to foster a data privacy culture within the Group
• Be the single point of contact for the Group on any data protection issues
• Design and implement personal data consent processes and procedures wherever personal data is concerned

KEY RELATIONSHIPS / INTERFACES

• Data protection authorities
• Group Senior Management
• Legal departments
• Group IT
• Customer and marketing teams
• HR Teams

ESSENTIAL CRITERIA

• A University Degree in Management or Law or any other relevant field
• At least 7 years of work experience, out of which at least 3 years in a position at Management or Specialist level.
• Ability to make good judgments regarding data privacy risks and to prioritise resources and activity around managing those risks
• Able to conduct the role independently and with integrity
• Proven ability to establish and maintain a high degree of confidentiality, respect, trust and credibility at all levels
• Strong team player
• Excellent verbal and written communication in both English and French language.
• Good personal communication skills capable of dealing with wide range of stakeholders, including senior management

DESIRABLE CRITERIA

• Sound knowledge data privacy legislation and practices.
• Any experience in the Legal, Compliance, IT security field or audit background
• Basic IT knowledge and understanding in terms of data storage, retrieval and information security. (The DPO will need to be able to discuss requirements and solutions confidently with IT staff.)
• Knowledge of IT risks or other information security standards
• Ability to plan, organise and prioritise tasks and projects